Cyber criminals cashing in on digital currencies

In the digital age, money is rapidly evolving into lines of computer code which can easily be hacked, ransomed or stolen by organised criminal gangs (OCGs).

While computerised digital transactions have been instrumental in promoting international commerce and the creation of what is becoming a global economy, they come with a price. The fact that much of the world’s wealth is now stored on computer servers means that this wealth can be stolen or ransomed by cyber criminals. There are also fears that cyber terrorists, possibly state activists in the pay of a foreign power, might simply wipe all records of a significant proportion of the West’s wealth in order to create economic chaos and a financial meltdown.

After Britain abandoned the gold standard in 1914, to be followed by other Western economies, it developed a 'floating' currency, in which a currency's value is allowed to fluctuate in response to the foreign-exchange market. Money has, however, now entered the next stage in its evolution by becoming digital. The new crypto-currency Bitcoin, for example, which the Bank of England regards as simply another foreign currency, is entirely digital and frequently used for anonymous criminal transactions on the Dark Web as well as for money laundering, although it can also be used legitimately and is now accepted as a bona fide currency by a growing number of multinational corporations.

Money has metamorphosed into vulnerable lines of code

Because the banks have so far been able to cover their losses and have been reluctant to own up to the scale of the losses they have sustained, there is little public awareness of the fact that money has metamorphosed from cash lying around in vaults to vulnerable lines of code stored on computer servers connected the Internet. And when some of this code is stolen or compromised by OCGs, the effects can be devastating as most organisations are drastically under-insured against the consequences of cyber-crime. While the banks are becoming increasingly aware of the dangers posed by cyber-crime and terrorism, few of their IT systems are sufficiently safeguarded against cyber breaches.

According to a report from US regulator, the Financial Stability Oversight Council: "Malicious cyber activity is likely to continue, and financial sector organisations should be prepared to mitigate the threat posed by cyber-attacks that have the potential to destroy critical data and systems and impair operations."

Hackers have been finding the banks to be easy prey for some time. In a series of coordinated bank cyberattacks initiated in late 2013, an OCG stole around US$1 billion from more than 100 banks by simply using spear phishing emails sent to bank employees. The emails appeared to be legitimate banking communications but contained malware that exploited software vulnerabilities opening a remote backdoor providing criminals remote access to bank computers. Once this was achieved, the attackers were able to manipulate accounts, transfer money and order ATMs to dispense cash at designated times and places.

But there are now growing fears in the banking industry worldwide that financial institutions and their clients may be sacrificing security even further in their pursuit of ever-faster online transactions. According to Australian bank ANZ, a Reserve Bank move to accelerate all electronic payments through the banking system within the hour has serious implications for cyber security. Other countries, including the UK, have already begun processing bank payments in real time or close to it.

There is, however, another even greater cyber-security threat emerging in the form of the technology industry’s attempts to develop software that would make it possible for major currencies like the dollar or the euro to be used like Bitcoins. This would enable anyone in the world to conduct transactions directly with anyone else in the world, potentially bypassing the banks and other transmission mechanisms such as Western Union completely.

New era of purely digital transactions

Tech giant IBM is reported to be one of the companies developing ways of ushering in the new era of purely digital financial transactions. IBM is understood to be using a variant of ‘Blockchain’, the underlying technology that powers the new digital currency Bitcoin. This effectively offers a comprehensive digital record of digital currency transactions. Instead of being stored on a separate computer server controlled by, for instance, a bank, the digital ledger can be accessed by all participants in the network.

This technology could allow users to make payments in major currencies instantly, anonymously and, crucially, without government regulation. IBM is reported to already be involved in informal discussions about a Blockchain-style cash system with a number of central banks, including the US Federal Reserve. Should central banks approve the concept, IBM is understood to be prepared to build the underlying infrastructure. IBM is understood to be only one of a number of tech companies looking to expand the use of the blockchain technology beyond bitcoin to encompass more established currencies.

UK-based Juniper Research predicts that cyber criminals will be stealing a staggering US$2.1 trillion a year globally by 2019. Unless national governments and financial institutions across the world make a concerted and co-ordinated effort to better safeguard the IT systems that protect their digital cash holdings, the West faces the very real danger of a new and potentially devastating financial crisis.

Stuart Poole-Robb is the chief executive of the security, business intelligence and cyber security adviser, the KCS Group Europe.